The strdup(3) implementation in libc uses memcpy(3), not strlcpy(3). There is no upside to using strlcpy(3) here if we know the length of str before we copy it to the destination buffer.
... unless we're worried the length of str will change? Which would be very paranoid. But if that's the case we should be checking that the return value of strlcpy(3) equals len and calling fatal() if it isn't. ok? Index: xmalloc.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/xmalloc.c,v retrieving revision 1.36 diff -u -p -r1.36 xmalloc.c --- xmalloc.c 12 Nov 2019 22:32:48 -0000 1.36 +++ xmalloc.c 10 Mar 2022 01:06:54 -0000 @@ -85,8 +85,7 @@ xstrdup(const char *str) len = strlen(str) + 1; cp = xmalloc(len); - strlcpy(cp, str, len); - return cp; + return memcpy(cp, str, len); } int
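Review bot: at the new `return memcpy(cp, str, len);` line, the destination ends up NUL-terminated only because `len` was computed as `strlen(str) + 1`. Unlike the removed strlcpy(3) call, memcpy(3) does not write a terminator of its own. That is consistent with the assumption stated in the message that the length of str does not change between the strlen() and the copy. A short comment above the copy noting that len includes the terminating NUL would keep a later change to the length computation from silently producing an unterminated string. As a style point, keeping `memcpy(cp, str, len);` and `return cp;` as two statements would leave the return line untouched and make the char * return type explicit, rather than relying on the void * result of memcpy(3).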